Twenty billion US dollars. That’s how much experts expect the Ransomware industry to be worth come next year, up from a US$345m value in 2015.
These staggering figures reveal both the extent of the payouts to these attackers as well as the vulnerabilities that businesses face when it comes to cyber security, and these attacks often start when a user clicks a weaponized link embedded in a seemingly innocent email.
Ransomeware Attacks are Just the Tip of the Iceberg
Ransomware is but one of many cyber attacks that companies are facing today. Yet many CEOs in Jamaica, and indeed the region, seem to think that a cyber attack will not happen to them.
“Why would anyone be interested in my data? ” is one of the prevailing questions that incredulously mark this mistaken stance of immunity.
So to the CEO’s question, I say the attackers are not interested in your data. Their interest is in your willingness to pay them to release your data after they encrypt it – finally putting an end to your business disruption.
The True Cost of Ransomeware
The truth is, the impact of ransomware on businesses extends the nightmare well beyond paying the ransom. It affects employee productivity, your brand/reputation and exposes your company to possible information leaks, litigation and compliance breaches. CEOs who want to avoid being victims of ransomware need to rethink their cyber security solution now.
It is very compelling to note that data exfiltration, or encryption (ransomware), is usually the final stage of a system breach that likely happened long before, and remained undetected by your company’s security infrastructure.
Signature Based Solutions Aren't Enough
The highly regarded IT research firm Gartner agrees that “signature-based anti-malware detection is increasingly ineffective against an explosion in the number of malware variants as well as an increase in the number of financially motivated attacks.”
Antivirus, being signature-based, is ineffective against new attacks. The software simply can’t find a match. It’s like trying to match a fingerprint or DNA sample to a criminal who has never before had his/her data recorded. To make matters worse, simply re-encoding a binary file is often sufficient to bypass a signature that was previously known. To be clear, Antivirus is ineffective against new attacks.
Other areas of vulnerability occurs because for many businesses today, production activities are taking place outside of the corporate premises and the traditional security infrastructure.
The traditional security stack we have grown up with (Castle and Moat) is no longer effective. This is because the users you are trying to protect no longer permanently reside withing the confines of the corporate perimeter. How the business secures its data and protects its users has to change.
Still, many of the sceptical CEOs will argue that they have a firewall and anti-virus, and they are up-to-date. Truth is, every firewall exposed to the Internet is an attack surface and has been the entry point for some of the largest ransomware attacks.
In fact, every successful breach that has been reported had two things in common: the company had a firewall and antivirus, yet they still got breached.
Cloud-Scale Security is the Way Forward
What is needed is a cloud-scale solution that protects users no matter where they go and how they connect to the network in this new, work anywhere, anytime world. Such a solution, for example, should help organisations, of any size, launch and support a remote workforce securely in a time frame measured in minutes or hours, not days or weeks.
All this makes a strong case that this brave new world needs equally brave new solutions to protect company data from those with ill intentions.
Here, I make the point, again. To protect against ransomware and any other type of infiltration, a single solution isn’t enough. Businesses need to look to a next-gen cloud based multilayered security, one that goes with the user wherever they may be, armed with a slew of security tools working together to block malicious traffic.